[Remote] Sr. Principal IAM Security Engineer
Note: The job is a remote job and is open to candidates in USA. Autodesk is a company that creates innovative solutions across various industries. They are seeking a Sr. Principal IAM Security Engineer to lead the strategy and execution for modern Identity and Access Management, focusing on both human and non-human identities while ensuring secure and scalable identity governance.ResponsibilitiesDefine the enterprise and platform IAM strategy for human identities, NHI, and AI/agent identities, including lifecycle, authentication, authorization, and auditing standardsEstablish identity reference architectures, patterns, and paved roads for product teams and internal engineeringBuild and operationalize controls for service identities, workload identities, API identities, bots, and automation accounts across cloud, CI/CD, and runtime environmentsDrive adoption of short-lived, federated credentials where feasible; reduce static secrets and unmanaged service accountsImplement lifecycle governance for NHI: creation standards, ownership, rotation/attestation, inactivity reaping, and incident response playbooksDefine secure patterns for AI acting on behalf of users or services, including delegated authorization, scoped tokens, and least-privilege access modelsPartner with AI platform teams to implement guardrails: identity provenance, policy enforcement, auditing, and kill-switch mechanisms for misbehaving agentsEnsure AI identity behaviors are measurable and governable (logging, traceability, approvals for sensitive actions, segmentation of duties)Embed AI and machine learning capabilities into IAM platforms and security tooling to enable intelligent, automated identity governance — including access decisioning, anomaly detection, and agent behavior monitoringDesign, build, and deploy purpose-built AI agents and ML-powered security systems that autonomously execute IAM functions — including identity lifecycle management, entitlement reviews, and real-time response to identity-based threatsFine-tune and optimize existing AI models against Autodesk-specific identity and access data to improve accuracy of threat detection, behavioral anomaly identification, and access risk scoring within the IAM environmentBuild/standardize authorization models (RBAC/ABAC/ReBAC as appropriate) across workforce and product systemsDrive consistent policy as code, access reviews, and privileged access workflowsDefine standards for token scopes, claims, session constraints, step-up auth, and sensitive action protectionsImprove detection/response for identity threats: anomalous token use, privilege escalation, credential misuse, service-account sprawlCreate metrics and reporting for identity posture and platform adoption (coverage, drift, exceptions, time-to-remediate)Lead identity-related investigations and post-incident improvementsServe as a senior technical leader influencing engineering orgs, platform teams, and security; mentor others and raise the bar on identity engineeringTranslate risk into pragmatic engineering requirements; drive roadmaps across multiple teamsSkills10+ years in IAM / security engineering, including designing identity architectures at enterprise scaleProven experience securing non-human identities across cloud, CI/CD, and production runtimesDeep knowledge of auth standards: OAuth2, OIDC, SAML, JWT, token exchange, federation, and modern workload identity patternsStrong authorization design experience: modeling permissions, least privilege, policy enforcement, and access governanceExperience designing or securing systems where software agents act on behalf of users/services (delegation, impersonation, tool access, constrained execution)Ability to define guardrails for agentic actions: approval gates, scoped permissions, auditable trails, and containment strategiesStrong software engineering fundamentals (APIs, distributed systems, logging/telemetry); ability to review designs and codeExperience with cloud IAM ecosystems and platform primitives (identity federation, workload identity, secretless patterns, KMS/HSM integration)Experience building identity 'paved roads' and internal developer platforms (IDP) patterns for identityExperience with privileged access management and tiering models for admin accessFamiliarity with CI/CD identity, signing, and provenance controls (build identities, artifact trust, token hardening)Drives measurable risk reduction and adoption across orgsSets standards others follow; resolves ambiguous identity problems; leads through influenceBenefitsAnnual cash bonusesCommissions for sales rolesStock grantsA comprehensive benefits packageCompany OverviewAutodesk develops 3D design software for use in the architecture, engineering, construction, and media industries. It was founded in 1982, and is headquartered in San Francisco, California, USA, with a workforce of 10001+ employees. Its website is http://www.autodesk.com.Company H1B SponsorshipAutodesk has a track record of offering H1B sponsorships, with 34 in 2026, 233 in 2025, 243 in 2024, 269 in 2023, 359 in 2022, 298 in 2021, 260 in 2020. Please note that this does not guarantee sponsorship for this specific role.